OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

WinXP: No working route

https://forums.openvpn.net/viewtopic.php?t=12997

Page 1 of 1

WinXP: No working route

Posted: Mon May 27, 2013 5:11 pm
by peterfarge
Hello Forum,

I want to use OpenVPN on an old WinXP machine. I want to restrict the outgoing traffic to only the tunnel. So I created a default route to a none existing ip address and a persistent route to the VPN Server. Now I can connect OpenVPN to the server and all traffic goes through the tunnel und if I lose the connection, the old default route will direct the traffic towards nirvana. The nirvana IP address is: 192.168.40.77

My VPN Provider offers me two servers. On one server this method works, on the second dont. I cant ping web addreses (no dns registered) nor ping the ip numbers directly. Whats the problem?

The following infos are taken if I connect to the "not working" server:

Code: Select all

C:\Documents and Settings\Administrator>ipconfig
Ethernet adapter Local Area Connection 6:
        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 10.11.12.13
        Subnet Mask . . . . . . . . . . . : 255.255.255.252
        Default Gateway . . . . . . . . . : 10.11.12.14

Code: Select all

C:\Documents and Settings\Administrator>route PRINT
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0        128.0.0.0       10.11.12.13      10.11.12.14       1
          0.0.0.0          0.0.0.0     192.168.40.77  192.168.40.155       10
        10.11.12.1  255.255.255.255       10.11.12.13      10.11.12.14       1
       10.11.12.12  255.255.255.252       10.11.12.14      10.11.12.14       30
       10.11.12.14  255.255.255.255        127.0.0.1       127.0.0.1       30
   10.255.255.255  255.255.255.255       10.11.12.14      10.11.12.14       30
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        128.0.0.0        128.0.0.0       10.11.12.13      10.11.12.14       1
   178.73.212.230  255.255.255.255     192.168.40.2  192.168.40.155       1
   178.73.212.231  255.255.255.255     192.168.40.2  192.168.40.155       1
   178.73.212.231  255.255.255.255    192.168.40.77  192.168.40.155       1
     192.168.40.0    255.255.255.0   192.168.40.155  192.168.40.155       10
   192.168.40.155  255.255.255.255        127.0.0.1       127.0.0.1       10
   192.168.40.255  255.255.255.255   192.168.40.155  192.168.40.155       10
        224.0.0.0        240.0.0.0       10.11.12.14      10.11.12.14       30
        224.0.0.0        240.0.0.0   192.168.40.155  192.168.40.155       10
  255.255.255.255  255.255.255.255       10.11.12.14      10.11.12.14       1
  255.255.255.255  255.255.255.255   192.168.40.155  192.168.40.155       1
Default Gateway:        10.11.12.13
The OpenVPN Config file is the same on both servers, only the server ip is different.

Code: Select all

float
client
nobind
dev tun 
proto udp 
; Cert
ca ..\\keys\\ca.crt
ns-cert-type server
cipher BF-CBC
;Host
remote-random
remote w.x.y.z 1194
remote a.b.c.d 1194

resolv-retry infinite
;auth
auth-user-pass connect
persist-key
persist-tun

register-dns

comp-lzo
verb 2

Thanks

Peter

Re: WinXP: No working route

Posted: Tue May 28, 2013 9:29 pm
by janjust
what does "a persistent route to the VPN Server" mean? are you covering both VPN servers?

what does the routing table look like when connecting to the "wrong" server compared to the "right" server. Is there a route missing? Are different routes pushed from the server to the client ?

Re: WinXP: No working route

Posted: Wed May 29, 2013 7:49 am
by peterfarge
"A persistent route to the VPN Server" means that only this IP adress can be reached from the client computer.
Its this Dos Command:
route -p add MyVpnProvider.con mask 255.255.255.255 192.168.40.2

I'm a normal user, the VPN-Server is provided by a company. I have send this informations to the company and got a ticket, lets see what they say. The working VPN-Server creates one route less in the routing table, maybe the company messed something up...

Re: WinXP: No working route

Posted: Wed May 29, 2013 8:08 am
by janjust
wouldn't you then have to create persistent routes for both servers in your config. e.g.

Code: Select all

route add -p w.x.y.z mask 255.255.255.255 192.168.40.2
route add -p a.b.c.d mask 255.255.255.255 192.168.40.2
?

Re: WinXP: No working route

Posted: Wed May 29, 2013 9:37 am
by peterfarge
Yes I have have two persistant routes to both servers. And currently I can connect to both servers (the OpenVpn Icon in the taskbar goes green on both servers), but only one provides internet access.

I think the problem lays on my provider site.

Re: WinXP: No working route

Posted: Wed May 29, 2013 10:39 am
by janjust
for that you'd need to contact your provider; if you add

Code: Select all

verb 5
to the client config and connect to the "wrong" VPN host then perhaps I can tell what they're doing wrong ;)
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/